Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ZuJU4kYakvfli2XW4gx_4D7QaP8.roa
File: ZuJU4kYakvfli2XW4gx_4D7QaP8.roa (raw, json)
Hash identifier: 6ZNujg3IxFmI9eOfYnolBklNXzALc82TuCkStp2u5IM=
Subject key identifier: 66:E2:54:E2:46:1A:92:F7:E5:8B:65:D6:E2:0C:7F:E0:3E:D0:68:FF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DCF8F9DD20F62C2E2497B8F947F40
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ZuJU4kYakvfli2XW4gx_4D7QaP8.roa
Signing time: Sun 01 Jan 2023 20:55:02 +0000
ROA not before: Sun 01 Jan 2023 20:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210662
IP address blocks: 2a0d:acc0::/29 maxlen: 29
2a0e:2280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:cf:8f:9d:d2:0f:62:c2:e2:49:7b:8f:94:7f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66e254e2461a92f7e58b65d6e20c7fe03ed068ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3c:40:71:9d:5a:42:6e:79:fe:9f:f4:ac:d5:
30:2b:96:c8:c1:4a:87:9e:81:94:01:b3:e8:5a:63:
dc:51:d6:e4:44:5a:9d:4c:b4:32:54:fb:bb:2b:de:
0b:9c:4c:a2:1b:10:b6:f1:ed:fe:b3:b0:88:f1:0a:
6c:f7:3d:55:95:5f:db:e2:72:1e:e7:eb:99:a8:64:
25:2b:14:c7:bd:0f:cb:aa:5b:0c:19:33:43:d0:e7:
c3:52:e4:91:f0:f8:65:ca:e5:6d:f6:95:fa:3f:4e:
de:73:2f:d3:aa:c5:c4:d7:3a:bf:13:3e:d9:65:22:
06:4c:64:e2:58:7f:73:1b:40:c8:6d:9a:a0:a2:a8:
f6:5a:c3:81:61:14:65:91:7d:a6:6b:e9:cd:74:8f:
fe:8d:f9:36:48:0f:f1:88:8f:7a:83:bb:99:27:26:
da:4b:24:48:9e:94:84:4c:64:2d:7c:3e:46:a3:87:
78:1b:d3:7d:f2:66:2f:56:d0:ee:72:82:31:5e:e3:
4f:42:e8:69:3d:ad:49:4d:07:f8:3e:62:91:78:ed:
23:d1:c4:d7:6f:29:13:e1:d5:d6:06:13:d4:5d:2f:
f2:7b:b1:df:4c:d8:e8:66:0a:ec:03:90:b3:a6:a8:
b1:d3:81:29:32:fc:29:1e:22:b7:ee:f8:92:c9:ca:
0c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E2:54:E2:46:1A:92:F7:E5:8B:65:D6:E2:0C:7F:E0:3E:D0:68:FF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ZuJU4kYakvfli2XW4gx_4D7QaP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:acc0::/29
2a0e:2280::/29
Signature Algorithm: sha256WithRSAEncryption
19:7e:50:af:bd:03:2c:de:e6:c1:09:7c:59:24:63:b9:c6:fe:
dc:35:25:c5:9d:41:58:fc:d2:c4:ed:72:f2:15:d1:b9:7d:72:
ba:1d:b3:67:6c:47:94:83:78:d4:2f:f2:27:98:78:72:3a:38:
35:99:ab:09:c5:c3:03:0c:42:e1:f4:4e:76:f5:4b:29:6a:0c:
87:a3:61:36:17:b2:76:76:82:4a:d6:cf:81:27:4f:02:4a:24:
8a:bc:9a:08:fa:47:9f:d9:3b:4c:15:51:03:dc:ff:72:fc:e9:
6e:47:17:97:a7:ad:a4:1f:58:19:30:4d:00:46:6a:76:67:ea:
f7:24:48:f2:ba:c5:96:63:6a:4b:62:5a:29:0c:c7:83:27:da:
73:4c:dc:f0:75:cf:59:1b:17:c0:3b:48:9d:49:3b:15:0e:66:
38:51:2c:07:57:0d:ff:6c:00:0c:a8:a4:67:f2:e2:f3:c4:d3:
14:a7:33:95:1d:23:40:2d:5c:ed:94:4a:48:04:30:92:e7:88:
6d:d7:d2:1a:ae:ea:4f:25:a9:fa:70:9c:5a:57:13:ca:03:a9:
dd:5a:a6:d4:95:d4:60:19:76:06:17:d7:98:89:73:62:cb:d4:
73:88:b6:33:5d:c9:7b:a7:05:54:c8:30:6e:83:a8:26:26:5d:
ec:6f:86:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvHc+PndIPYsLiSXuPlH9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmUyNTRlMjQ2MWE5MmY3ZTU4YjY1ZDZlMjBjN2ZlMDNlZDA2OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TxAcZ1aQm55/p/0rNUwK5bIwUqH
noGUAbPoWmPcUdbkRFqdTLQyVPu7K94LnEyiGxC28e3+s7CI8Qps9z1VlV/b4nIe
5+uZqGQlKxTHvQ/LqlsMGTND0OfDUuSR8PhlyuVt9pX6P07ecy/TqsXE1zq/Ez7Z
ZSIGTGTiWH9zG0DIbZqgoqj2WsOBYRRlkX2ma+nNdI/+jfk2SA/xiI96g7uZJyba
SyRInpSETGQtfD5Go4d4G9N98mYvVtDucoIxXuNPQuhpPa1JTQf4PmKReO0j0cTX
bykT4dXWBhPUXS/ye7HfTNjoZgrsA5Czpqix04EpMvwpHiK37viSycoMawIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGbiVOJGGpL35Ytl1uIMf+A+0Gj/MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvWnVKVTRrWWFrdmZsaTJYVzRneF80RDdRYVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg2swAMF
AyoOIoAwDQYJKoZIhvcNAQELBQADggEBABl+UK+9Ayze5sEJfFkkY7nG/tw1JcWd
QVj80sTtcvIV0bl9crods2dsR5SDeNQv8ieYeHI6ODWZqwnFwwMMQuH0Tnb1Sylq
DIejYTYXsnZ2gkrWz4EnTwJKJIq8mgj6R5/ZO0wVUQPc/3L86W5HF5enraQfWBkw
TQBGanZn6vckSPK6xZZjaktiWikMx4Mn2nNM3PB1z1kbF8A7SJ1JOxUOZjhRLAdX
Df9sAAyopGfy4vPE0xSnM5UdI0AtXO2USkgEMJLniG3X0hqu6k8lqfpwnFpXE8oD
qd1aptSV1GAZdgYX15iJc2LL1HOItjNdyXunBVTIMG6DqCYmXexvhng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org